Replace DPM.resetPassword with hostside setup steps
resetPassword() is no longer available to new DPCs, so rely on
hostside ADB commands to set/clear lockscreen password instead.
Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testDelegatedCertInstaller
Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testDelegation
Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement
Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.ManagedProfileTest#testLockNowWithKeyEviction
Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.ManagedProfileTest#testTrustAgentInfo
Bug: 35417075
Change-Id: I32bb4ee6e57ded77019fb22ee1b2e70f54a748d6
diff --git a/hostsidetests/devicepolicy/app/DeviceAndProfileOwner/src/com/android/cts/deviceandprofileowner/ResetPasswordHelper.java b/hostsidetests/devicepolicy/app/DeviceAndProfileOwner/src/com/android/cts/deviceandprofileowner/ResetPasswordHelper.java
deleted file mode 100644
index 1303172..0000000
--- a/hostsidetests/devicepolicy/app/DeviceAndProfileOwner/src/com/android/cts/deviceandprofileowner/ResetPasswordHelper.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.android.cts.deviceandprofileowner;
-
-import android.app.admin.DevicePolicyManager;
-import android.content.Context;
-import android.test.AndroidTestCase;
-
-/**
- * This test is used to set and clear the lockscreen password. This is required to use the keystore
- * by the host side delegated cert installer test.
- */
-public class ResetPasswordHelper extends AndroidTestCase {
-
- private DevicePolicyManager mDpm;
-
- @Override
- protected void setUp() throws Exception {
- super.setUp();
- mDpm = (DevicePolicyManager) mContext.getSystemService(Context.DEVICE_POLICY_SERVICE);
- }
-
- /**
- * Set lockscreen password.
- */
- public void testSetPassword() {
- // Enable credential storage by setting a nonempty password.
- assertTrue(mDpm.resetPassword("test", 0));
- }
-
- /**
- * Clear lockscreen password.
- */
- public void testClearPassword() {
- mDpm.setPasswordQuality(BaseDeviceAdminTest.ADMIN_RECEIVER_COMPONENT,
- DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED);
- mDpm.setPasswordMinimumLength(
- BaseDeviceAdminTest.ADMIN_RECEIVER_COMPONENT, 0);
- assertTrue(mDpm.resetPassword("", 0));
- }
-}
diff --git a/hostsidetests/devicepolicy/app/DeviceOwner/src/com/android/cts/deviceowner/KeyManagementTest.java b/hostsidetests/devicepolicy/app/DeviceOwner/src/com/android/cts/deviceowner/KeyManagementTest.java
index 8aae258..0b783a0 100755
--- a/hostsidetests/devicepolicy/app/DeviceOwner/src/com/android/cts/deviceowner/KeyManagementTest.java
+++ b/hostsidetests/devicepolicy/app/DeviceOwner/src/com/android/cts/deviceowner/KeyManagementTest.java
@@ -69,17 +69,12 @@
getActivity().getSystemService(Context.DEVICE_POLICY_SERVICE);
BaseDeviceOwnerTest.assertDeviceOwner(mDevicePolicyManager);
- // Enable credential storage by setting a nonempty password.
- assertTrue(mDevicePolicyManager.resetPassword("test", 0));
+ // Hostside test has set a device lockscreen in order to enable credential storage
}
@Override
protected void tearDown() throws Exception {
- // Delete all keys by resetting our password to null, which clears the keystore.
- mDevicePolicyManager.setPasswordQuality(getWho(),
- DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED);
- mDevicePolicyManager.setPasswordMinimumLength(getWho(), 0);
- assertTrue(mDevicePolicyManager.resetPassword("", 0));
+ // Hostside test will clear device lockscreen which in turn will clear the keystore.
super.tearDown();
}
diff --git a/hostsidetests/devicepolicy/app/ManagedProfile/src/com/android/cts/managedprofile/LockNowTest.java b/hostsidetests/devicepolicy/app/ManagedProfile/src/com/android/cts/managedprofile/LockNowTest.java
index 695e19c..d81b15c 100644
--- a/hostsidetests/devicepolicy/app/ManagedProfile/src/com/android/cts/managedprofile/LockNowTest.java
+++ b/hostsidetests/devicepolicy/app/ManagedProfile/src/com/android/cts/managedprofile/LockNowTest.java
@@ -27,7 +27,6 @@
public class LockNowTest extends BaseManagedProfileTest {
public void testLockNowWithKeyEviction() throws InterruptedException {
- assertTrue(mDevicePolicyManager.resetPassword("password", 0));
mDevicePolicyManager.lockNow(DevicePolicyManager.FLAG_EVICT_CE_KEY);
// The test that the managed profile was locked is done in the host
}
diff --git a/hostsidetests/devicepolicy/app/ManagedProfile/src/com/android/cts/managedprofile/TrustAgentInfoTest.java b/hostsidetests/devicepolicy/app/ManagedProfile/src/com/android/cts/managedprofile/TrustAgentInfoTest.java
index 2e2a334..36dcce5 100644
--- a/hostsidetests/devicepolicy/app/ManagedProfile/src/com/android/cts/managedprofile/TrustAgentInfoTest.java
+++ b/hostsidetests/devicepolicy/app/ManagedProfile/src/com/android/cts/managedprofile/TrustAgentInfoTest.java
@@ -89,8 +89,8 @@
}
public void testSetTrustAgentConfiguration_bothHaveTrustAgentConfigAndNonUnified() {
- // Enable separate challenge for the managed profile.
- mDevicePolicyManager.resetPassword("1234", 0);
+ // Precondition: separate challenge for the managed profile should have been enabled.
+
// Set both trust agents.
setTrustAgentConfiguration(false /* isParent */);
setTrustAgentConfiguration(true /* isParent */);
diff --git a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/BaseDevicePolicyTest.java b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/BaseDevicePolicyTest.java
index bf5049c..f7ba94f 100644
--- a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/BaseDevicePolicyTest.java
+++ b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/BaseDevicePolicyTest.java
@@ -720,4 +720,27 @@
}
return "clear-restriction";
}
+
+ /**
+ * Set lockscreen password / work challenge for the given user, null or "" means clear
+ */
+ protected void changeUserCredential(String newCredential, String oldCredential, int userId)
+ throws DeviceNotAvailableException {
+ final String oldCredentialArgument = (oldCredential == null || oldCredential.isEmpty()) ? ""
+ : ("--old " + oldCredential);
+ if (newCredential != null && !newCredential.isEmpty()) {
+ String commandOutput = getDevice().executeShellCommand(String.format(
+ "cmd lock_settings set-password --user %d %s %s", userId, oldCredentialArgument,
+ newCredential));
+ if (!commandOutput.startsWith("Password set to")) {
+ fail("Failed to set user credential: " + commandOutput);
+ }
+ } else {
+ String commandOutput = getDevice().executeShellCommand(String.format(
+ "cmd lock_settings clear --user %d %s", userId, oldCredentialArgument));
+ if (!commandOutput.startsWith("Lock credential cleared")) {
+ fail("Failed to clear user credential: " + commandOutput);
+ }
+ }
+ }
}
diff --git a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/DeviceAndProfileOwnerTest.java b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/DeviceAndProfileOwnerTest.java
index 766b54a..dfa9239 100644
--- a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/DeviceAndProfileOwnerTest.java
+++ b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/DeviceAndProfileOwnerTest.java
@@ -210,8 +210,7 @@
};
// Set a device lockscreen password (precondition for installing private key pairs).
- runDeviceTestsAsUser(DEVICE_ADMIN_PKG, ".ResetPasswordHelper", "testSetPassword",
- mUserId);
+ changeUserCredential("1234", null, mUserId);
// Install relevant apps.
installAppAsUser(DELEGATE_APP_APK, mUserId);
@@ -241,8 +240,7 @@
setDelegatedScopes(DELEGATE_APP_PKG, null);
// Clear lockscreen password previously set for installing private key pairs (DO only).
if (mPrimaryUserId == mUserId) {
- runDeviceTestsAsUser(DEVICE_ADMIN_PKG,
- ".ResetPasswordHelper", "testClearPassword", mUserId);
+ changeUserCredential(null, "1234", mUserId);
}
}
}
@@ -490,14 +488,13 @@
try {
// Set a non-empty device lockscreen password, which is a precondition for installing
// private key pairs.
- runDeviceTestsAsUser(DEVICE_ADMIN_PKG, ".ResetPasswordHelper", "testSetPassword",
- mUserId);
+ changeUserCredential("1234", null, mUserId);
+
runDeviceTestsAsUser(DEVICE_ADMIN_PKG, ".DelegatedCertInstallerTest", mUserId);
} finally {
if (!isManagedProfile) {
// Skip managed profile as dpm doesn't allow clear password
- runDeviceTestsAsUser(DEVICE_ADMIN_PKG,
- ".ResetPasswordHelper", "testClearPassword", mUserId);
+ changeUserCredential(null, "1234", mUserId);
}
}
}
diff --git a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/DeviceOwnerTest.java b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/DeviceOwnerTest.java
index 80aa652..8fce788 100644
--- a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/DeviceOwnerTest.java
+++ b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/DeviceOwnerTest.java
@@ -88,7 +88,13 @@
}
public void testKeyManagement() throws Exception {
- executeDeviceOwnerTest("KeyManagementTest");
+ try {
+ changeUserCredential("1234", null, mPrimaryUserId);
+
+ executeDeviceOwnerTest("KeyManagementTest");
+ } finally {
+ changeUserCredential(null, "1234", mPrimaryUserId);
+ }
}
public void testLockScreenInfo() throws Exception {
diff --git a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/ManagedProfileTest.java b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/ManagedProfileTest.java
index cb40c61..cfccac9 100644
--- a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/ManagedProfileTest.java
+++ b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/ManagedProfileTest.java
@@ -143,6 +143,7 @@
if (!mHasFeature || !mSupportsFbe) {
return;
}
+ changeUserCredential("1234", null, mProfileUserId);
runDeviceTestsAsUser(MANAGED_PROFILE_PKG, MANAGED_PROFILE_PKG + ".LockNowTest",
"testLockNowWithKeyEviction", mProfileUserId);
final String cmd = "dumpsys activity | grep 'User #" + mProfileUserId + ": state='";
@@ -854,11 +855,15 @@
runDeviceTestsAsUser(MANAGED_PROFILE_PKG, ".TrustAgentInfoTest",
"testSetTrustAgentConfiguration_bothHaveTrustAgentConfigAndUnified",
mProfileUserId);
- // Non-unified case, this test must run last because we have no way to clear work side
- // password.
- runDeviceTestsAsUser(MANAGED_PROFILE_PKG, ".TrustAgentInfoTest",
- "testSetTrustAgentConfiguration_bothHaveTrustAgentConfigAndNonUnified",
- mProfileUserId);
+ // Non-unified case
+ try {
+ changeUserCredential("1234", null, mProfileUserId);
+ runDeviceTestsAsUser(MANAGED_PROFILE_PKG, ".TrustAgentInfoTest",
+ "testSetTrustAgentConfiguration_bothHaveTrustAgentConfigAndNonUnified",
+ mProfileUserId);
+ } finally {
+ changeUserCredential(null, "1234", mProfileUserId);
+ }
}
private void disableActivityForUser(String activityName, int userId)
